The /usr/local Directory
“The /usr/local hierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated. It may be used for programs and data that are shareable amongst a group of hosts, but not found in /usr.”
The /usr/local directory is similar in structure to the /usr directory. It has the following subdirectories, which are similar in purpose to those in the /usr directory.
/usr/local
|- bin
|- doc
|- etc
|- games
|- include
|- lib
|- libexec
|- sbin
|- share
|- src
Apache configuration on Ubuntu
Apache Default Timeout
Timeout: The number of seconds before receives and sends time out.
This sets (in simple terms) the maximum time, in seconds, to wait for a request, action it and the response to the request.
The default is deliberately set high to allow for varied situations. You can reduce this to something more sane, to 30 seconds or even lower. A decrease may also help in reducing the effects of a DOS attack.
KeepAlive: Whether or not to allow persistent connections (more than one request per connection).
You should generally have KeepAlive “On” as it allows for persistent connections to a client so each file, image, etc. that gets requested. Without keepalives, the apache server and web client will need to establish new connections for every element needed to display a web page. Keeping a single connection going that the client can reuse allows your server to manage clients more efficiently.
MaxKeepAliveRequests
MaxKeepAliveRequests: The maximum number of requests to allow during a persistent connection. Set to 0 to allow an unlimited amount. We recommend you leave this number high, for maximum performance.
Since we have our persistent connection, set the maximum number of requests per connection. Keep this high for maximum performance. You might want to experiment with this setting a bit, but if you have a site with lots of images, javascript, etc, try increasing MaxKeepAliveRequests to as much as 500.
Using find Command for security check
The ‘find’ command is usually used to find filenames which have specific patterns. However, we can also use it to find the files modified/accessed within a specific time period.
For example we can find all files in /etc owned by root that have been modified within the last 2 days:
find /etc -user root -mtime -2
The options we can use here are:
-atime: when the file was last accessed
-ctime: when the file’s permissions were last changed
-mtime: when the file’s data was last modified
You may have noticed that we have a minus sign in front of ‘2′ in the last example. The ‘time’ options for the find command are expressed in 24-hour increments, and the sign in front of the number can indicate ‘less than’ or ‘greater than’. Thus ‘-2′ means we want to find files which were modified within the last two days. If we wanted to find files that were modified more than 2 days ago, we would need to put a plus sign in front of the 2:
find /etc -user root -mtime +2
There are also versions of the atime, ctime, and mtime arguments that measure time in minutes:
-amin: when (in minutes) the file was last accessed
-cmin: when (in minutes) the file’s permissions were last changed
-mmin: when (in minutes) the file’s data was last modified
To match -atime +1, a file has to have been accessed at least two days ago. More example in the find man pages.
